CNCF sponsored this post.
This post is one of a series of posts previewing KubeCon + CloudNativeCon Europe 2023, April 18-21, Amsterdam.
Join us there, to learn more about the transformative nature of cloud native applications and open source software.
Over the last 20 years, public cloud architectures have transformed the process and methods of software deployment, unleashing tremendous convenience and efficiency in customers’ access to software. However, there remain government and commercial customers who, for myriad reasons, can accept only a private software environment over which they maintain complete control.
In order to serve this growing segment of customers, software vendors must become adept at deploying their products via Private SaaS, despite the host of challenges and technical difficulties it presents.
KubeCon + CloudNativeCon conferences gather adopters and technologists to further the education and advancement of cloud native computing. The vendor-neutral events feature domain experts and key maintainers behind popular projects like Kubernetes, Prometheus, Envoy, CoreDNS, containerd and more.
The latest from KubeCon + CloudNativeCon
Why Your Customers Will Require Applications to Be Deployed as Private SaaS
Customers across the entire economic spectrum — from global investment banks, to healthcare organizations, to social media companies, to government entities — increasingly require their software vendors to serve them via Private SaaS for myriad specific requirements, many of which are existential to their business models:
- Security, Controls and Auditability: Industries handling Personally Identifiable Information (PII) have data security requirements so stringent that isolation in the form of Private SaaS is the only acceptable solution. For companies required to maintain total control over all data they collect, store and use, Private SaaS facilitates necessary control over network access, identification of and response to vulnerabilities and maintenance of bespoke audit log practices across all software deployed in their infrastructure.
- Compliance: Regulations such as the EU’s GDPR, the US’s HIPAA and the global Payment Card Industry Security Standards Council (PCI SSC) require organizations to protect valuable consumer data by implementing appropriate technical and organizational measures to both comply and demonstrate compliance with all regulations. Data sovereignty requirements may require data to reside locally, making it impossible for vendors to serve customers in certain countries without opening a physical footprint — and Private SaaS allows vendors to keep their software and associated data co-located with its customer.
- Consistency across software products: Private SaaS deployment of software allows customers with complex security and/or compliance requirements to maintain a consistent software experience across all of their vendor-provided products, by imposing their own security and compliance controls in-house in a Private SaaS environment. This approach allows customer organizations to access software products that may lack the full spectrum of security features as a result of being early in their product journey.
- Ease of training and cost management: Private SaaS allows organizations to focus their employees’ training and staffing on their specific infrastructure, instead of training their employees to manage multiple cloud infrastructure tools. Additionally, many software vendors with stable workloads can access enormous potential cost savings by running their own data centers, versus hyperscaler cloud infrastructure.
- Optimized software experience for the customer: Customers with a Private SaaS set-up still enjoy the hands-off full-service perks of SaaS software, in which they use vendors’ software products on demand without the burden of upgrading and maintaining them.
Why Vendors Struggle to Deliver Applications via Private SaaS
Delivering a new deployment topology can be a daunting and complex task for software vendors. While Private SaaS comes with many benefits for both software vendors and their customers, it also introduces new technical challenges for which many of today’s solutions are not optimized to solve.
- Repeatability and deployment at scale: As more customers move to Private SaaS, vendors need to deploy their software in a repeatable way for each new customer environment. Vendors must maintain metadata on application constraints and dependencies in support of their deployed products, tailored to each customer’s unique requirements, which can be as granular as specific hours of the day for software maintenance and upgrades. These complexities become exponentially more difficult to handle at scale, requiring effective repeatability of bespoke deployment processes.
- Heterogeneity: Vendors must embrace heterogeneity by design and assume that each Kubernetes and customer environment is unique — necessitating that software be designed to run in a wide variety of customers’ private SaaS environments.
- Resiliency and Release Management: Ensuring up-time and resiliency within the connected Private SaaS environments, as with most high-performance applications, is essential. Effective management of software applications requires the ability to continuously deploy, monitor and roll-back releases automatically via policy — all potentially without direct connection or any control over the customer’s environment.
- Telemetry, logging and audit controls: Connected Private SaaS applications also need to control data flows, adhere to encryption standards and provide auditability of all events occurring in their software within the customer’s Virtual Private Cloud (VPC) — and then route that data to the correct stakeholders, in accordance with each environment’s unique policies. This telemetry is often essential to upholding compliance standards as well as for troubleshooting and disaster response.
- Connectivity, remote updates and patching: When deploying to Private SaaS environments, variations in connectivity can have dramatic effects on how updates and patching are delivered and deployed. Flexibility in the deployment of updates and patches is thus essential, in order to support remote updates delivered as bundled updates of the entire application or incremental updates based on the delta between versions.
Conclusion
In today’s business environment, security and flexibility are crucial given the increasing demands of today’s regulations, especially with regard to evolving security standards. With Private SaaS, organizations are uniquely able to meet and exceed complex security requirements, while still enjoying the efficiencies and innovation of SaaS deployments. It is imperative that software vendors rise to the challenges of Private SaaS in order to serve this rapidly growing market.
You can learn more about how Palantir has solved this problem for our EU customers, both private and public sector, with Palantir Apollo or by visiting us at booth G8 at KubeCon.
The Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure including Kubernetes, OpenTelemetry, and Argo. CNCF is the neutral home for cloud native collaboration, bringing together the industry’s top developers, end users, and vendors.
